Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2015-03-21	CVE-2015-0669	Improper Input Validation vulnerability in Cisco IOS 15.4(3)S/15.4S The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup62167. network low complexity cisco CWE-20	6.4
2015-03-20	CVE-2015-0671	Resource Management Errors vulnerability in Cisco Videoscape Delivery System for Internet Streamer 3.2.1 The DNS implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.2(1) allows remote attackers to cause a denial of service (CPU consumption and network-resource consumption) via crafted packets, aka Bug ID CSCun15911. network low complexity cisco CWE-399	5.0
2015-03-20	CVE-2015-0668	Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.5/2.5.99.2 Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq66737. network cisco CWE-79	4.3
2015-03-18	CVE-2015-0667	Improper Access Control vulnerability in Cisco Content Services Switch 11500 Firmware 8.20.4.02 The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted SSH packets, aka Bug ID CSCut14855. network low complexity cisco CWE-284	5.0
2015-03-18	CVE-2015-0664	Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195. local low complexity cisco CWE-20	4.3
2015-03-17	CVE-2015-0665	Path Traversal vulnerability in Cisco Anyconnect Secure Mobility Client The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173. local low complexity cisco CWE-22	6.6
2015-03-17	CVE-2015-0663	Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages, aka Bug ID CSCus79392. local low complexity cisco CWE-264	6.6
2015-03-06	CVE-2015-0661	Improper Input Validation vulnerability in Cisco IOS XR The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via a malformed SNMP packet, aka Bug ID CSCur25858. network low complexity cisco CWE-20	4.0
2015-03-06	CVE-2015-0659	Security vulnerability in Cisco IOS Autonomic Networking Infrastructure The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS allows remote attackers to trigger self-referential adjacencies via a crafted Autonomic Networking (AN) message, aka Bug ID CSCup62157. network low complexity cisco	5.0
2015-03-06	CVE-2015-0657	Improper Input Validation vulnerability in Cisco IOS XR Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192. network low complexity cisco CWE-20	5.0